Move creating 'inline' folder from 'build-ca' to 'init-pki'

This allows a client that has not built a CA to use 'inline'. The CA and signed client certificate can be sent to the client, allowing the client to create a complete X509 based inline file, without creating a redundant CA. Also, add 'inline' command to the list of commands which do not require a CA. Signed-off-by: Richard T Bonhomme <[email protected]>
OpenVPN · Aug 4, 2023 · 17c9f1b · 17c9f1b
1 parent fdb6aed
commit 17c9f1b
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
@@ -1335,7 +1335,7 @@ and initialize a fresh PKI here."
 	fi
 
 	# new dirs:
-	for i in private reqs; do
+	for i in private reqs inline; do
 		mkdir -p "$EASYRSA_PKI/$i" || \
 			die "\
 Failed to create PKI file structure (permissions?)"
@@ -1656,7 +1656,7 @@ current CA. To start a new CA, run init-pki first."
 	# create necessary dirs:
 	err_msg="\
 Unable to create necessary PKI files (permissions?)"
-	for i in issued inline certs_by_serial \
+	for i in issued certs_by_serial \
 		revoked/certs_by_serial revoked/private_by_serial \
 		revoked/reqs_by_serial
 	do
@@ -7204,7 +7204,7 @@ case "$cmd" in
 		require_pki=1
 		case "$cmd" in
 			gen-req|gen-dh|build-ca|show-req| \
-			make-safe-ssl|export-p*)
+			make-safe-ssl|export-p*|inline)
 				unset -v require_ca
 			;;
 			*)